A series of covert cyberattacks has been zeroing in on military and weapons contractor firms. Most notably, these ongoing attacks use "spear-phishing" emails, which kick off what's known as a multi-stage infection process that deploys an unknown payload on these vulnerable devices.
Securonix refers to the attacks as STEEP#MAVERICK, and the campaign also works to breach a supplier for the F-35 Lightning II fighter aircraft. Researchers share that "the attack started in late summer 2022, targeting at least two high-profile military contractor companies."
The phishing emails carry a ZIP archive attachment, which holds a shortcut file that "claims" to be a PDF document titled "Company & Benefits," which is the malware released into the remote server.
What makes these attacks stand out is their modus operandi, which "incorporates obfuscated code designed to thwart analysis, in addition to scanning for the presence of debugging software and halt the execution if the system language is set to Chinese or Russian."